Stimulus grants left power grid vulnerable to cyber attacks

The Department of Energy's rush to award stimulus grants for projects under the next generation of the power grid, known as the Smart grid, resulted in some firms receiving funds without submitting complete plans for how to safeguard the grid from cyber attacks, according to an inspector general's report.

"Officials approved cyber security plans for Smart Grid projects even though some of the plans contained shortcomings that could result in poorly implemented controls," states the report. "We also found that the Department was so focused on quickly disbursing Recovery Act funds that it had not ensured personnel received adequate grants management training." According to the report, 36 percent of the grant applications submitted were lacking one or more elements in their cybersecurity plans. Three out of the five cybersecurity plans reviewed by the IG were incomplete, and often didn't address weaknesses previously identified by the Energy Department.